Someone, somewhere, is about to install the mobile app that took you hundreds of hours and cost thousands to dollars to develop. Just as he's about to, though, he changes his mind —and you've just lost another potential user.
This scenario happens to developers every day. Often, it's a matter of trust. Many apps request permissions to access private data of many different types. Users — quite rightly — are often reluctant to grant those permissions to an app they have no reason to trust. Do they really want the app to be able to post "on their behalf" on social networks?
"Some apps ask for access to your phone log or your photos, and you start scratching your head as to why," says Olivier Amar, CEO of MyPermissions, a company that has set up a free permissions certification process for developers. "Sometimes, developers really need those permissions, but they don't have a way to explain that."
Developers Must Meet 'Clear Guidelines' for MyPermissions Certification
MyPermissions' certification program covers mobile apps as well as also websites and other applications that connect to online services (such as Twitter or Instagram) or that allow users to authenticate themselves using services such as Facebook Connect. That's important because about 80 percent of the top 100 iOS apps, and almost two-thirds of the top 100 Android apps, use Facebook Connect to let users sign in to the games or services they provide, Amar says.
To become MyPermisions Certified, developers must go through a form-filling process. This includes a review of the required permissions and a privacy questionnaire that justifies the personal information that their apps access and details why they need it. "We have guidelines, and they are very clear," Amar says.
Any developer asking for permissions that contravene these guidelines will have to make changes in order to become certified, he explains. "We won't certify author[s] if we can't understand why they want certain types of information. Why do they want to know your friends of your political views? An answer like 'We might need it in the future' is not acceptable."
Amar says the certification process is fairly painless. If a developer's well-organised, it can take as little as 20 minutes. Otherwise, the process could very well last weeks.
Of course, this raises a key question for developers: Why bother? Why go through such an administrative process just to get a certification that, let's face it, most users have never heard of?
One answer is that it allows you to establish your trustworthiness. Users who are curious can click on the "MyPermissions Certified" logo to bring up information about the certification, along with an explanation of why you needs each permission and what you will do with the personal data your app can now access.
Sign up for CIO Asia eNewsletters.